Webinar Description
Key Takeaways
- CrowdStrike introduces AIDR (AI Detection, Investigation, and Response) as an emerging security category designed specifically for AI-driven environments
- AI agents operating autonomously create a distinct attack surface where human users, non-human identities, sensitive data, and automated actions converge
- Traditional cybersecurity architectures were not designed to address threats targeting or originating from autonomous AI systems
- The endpoint remains central to AI security as the authoritative source of truth for monitoring AI activity
- Intended for security executives, architects, and enterprise decision-makers evaluating AI adoption risks
Introduction
As organisations accelerate their adoption of AI agents and autonomous workflows, a fundamental shift is occurring in how enterprise systems operate—and consequently, how they must be protected. CrowdStrike President Michael Sentonas hosts a virtual CrowdCast titled “AIDR: Defining the Next Era of Cybersecurity,” presenting the company’s perspective on securing what it terms the “agentic enterprise.” The session addresses security and IT leaders grappling with the implications of deploying AI systems that can reason independently, access sensitive data, utilise credentials, and execute actions without direct human oversight. With AI capabilities expanding rapidly across enterprise environments, the discussion arrives at a moment when many organisations are recognising that their existing security frameworks may not adequately address the risks introduced by autonomous systems.
About This Event
This executive-level virtual presentation introduces AIDR—AI Detection, Investigation, and Response—as a proposed security category purpose-built for the challenges of AI-driven environments. The format is a webinar-style CrowdCast rather than a hands-on workshop, positioning the session as strategic education for senior technology and security leaders. Attendees receive an early look at CrowdStrike’s approach to securing autonomous AI systems, with particular emphasis on how the endpoint serves as the foundation for visibility into AI activity across the enterprise.
The Agentic Interaction Layer: A New Attack Surface
The central premise of the discussion is that AI agents are creating an entirely new category of attack surface that differs fundamentally from those addressed by previous generations of security tools. Unlike traditional software applications that execute predefined instructions, AI agents possess the ability to reason about problems, make decisions, and take actions based on their analysis. This autonomy introduces security considerations that extend beyond conventional application security or identity management.
CrowdStrike identifies this new terrain as the “agentic interaction layer”—the space where human users, AI systems, non-human identities, sensitive data, and automated actions intersect. Within this layer, AI agents may hold credentials, access confidential information, communicate with other systems, and initiate processes that have material business consequences. The security challenge lies not only in protecting AI systems from external threats but also in monitoring and governing the actions that AI agents themselves take.
This convergence creates complexity that traditional security architectures were not designed to address. Perimeter defences, static access controls, and signature-based detection methods assume a computing environment where humans initiate actions and software behaves predictably. When AI agents operate with significant autonomy, these assumptions no longer hold, and the gaps in conventional security models become apparent.
Why Traditional Security Models Fall Short
Each major evolution in computing infrastructure has historically generated new categories of security risk and, in response, new security disciplines to address them. The shift from mainframes to client-server architectures gave rise to network security. The proliferation of web applications created the need for application security testing and web application firewalls. Cloud adoption drove the development of cloud security posture management and cloud workload protection platforms. The pattern suggests that transformative changes in how computing resources are organised and utilised inevitably expose vulnerabilities that existing tools cannot adequately address.
The emergence of agentic AI represents another such inflection point. Existing security tools excel at monitoring human user behaviour, detecting known malware signatures, and enforcing access policies based on static rules. However, they lack the contextual awareness needed to evaluate whether an AI agent’s actions are legitimate, whether its reasoning has been manipulated, or whether it has been compromised in ways that cause it to behave against organisational interests while appearing to function normally.
The session explores why organisations cannot simply extend their current security investments to cover AI-specific risks. The nature of the threat differs qualitatively: adversaries may target AI systems to corrupt their decision-making, exploit their access privileges, or use them as vectors for lateral movement within enterprise environments. Defending against these scenarios requires security capabilities designed with AI behaviour and AI-specific attack techniques in mind.
AIDR as an Emerging Security Category
CrowdStrike positions AIDR—AI Detection, Investigation, and Response—as the security model suited to this new environment. The framework extends the logic of endpoint detection and response into the domain of AI systems, providing capabilities to detect threats that target AI agents, investigate anomalous AI behaviour, and respond to incidents involving autonomous systems.
A key element of the AIDR approach is the emphasis on the endpoint as the authoritative source of truth for AI activity. While AI agents may operate across distributed infrastructure and interact with numerous cloud services, their actions ultimately manifest through endpoint activity—file access, network connections, process execution, and credential usage. By maintaining deep visibility at the endpoint level, security teams can observe what AI agents actually do rather than relying solely on logs or API-level telemetry that may not capture the full picture.
This endpoint-centric philosophy aligns with CrowdStrike’s broader platform strategy while addressing the specific requirements of AI security. The approach acknowledges that AI agents, despite their sophistication, remain software processes running on infrastructure that can be monitored, analysed, and protected using techniques that build upon established endpoint security principles.
Who Should Attend
The session is designed for security and technology leaders responsible for enterprise risk management, security architecture, and strategic planning around AI adoption. Chief Information Security Officers, Chief Information Officers, and Chief Technology Officers will find the discussion relevant as they evaluate how AI deployment affects their organisation’s threat landscape. Security architects and engineers tasked with designing controls for AI-enabled environments can gain insight into emerging frameworks for AI-specific security. The content also addresses decision-makers in industries where AI and automation are becoming operational necessities, helping them understand the security implications of these technologies before deployment decisions are finalised.
Organisations that have already deployed AI agents or are planning significant AI initiatives face immediate questions about how to govern these systems securely. Those in regulated industries may face additional pressure to demonstrate that AI systems operate within appropriate controls. The session offers a conceptual foundation for thinking through these challenges, even for attendees who may ultimately adopt different technical approaches.
Preparing for the Next Decade of Cybersecurity
The broader argument presented in this CrowdCast is that the next decade of cybersecurity will be substantially shaped by how organisations approach AI security. As AI agents become more capable and more deeply integrated into business processes, the consequences of security failures involving these systems will grow correspondingly severe. Organisations that develop robust AI security practices early may gain competitive advantages, while those that treat AI security as an afterthought risk significant operational and reputational harm.
The session encourages security leaders to begin thinking systematically about AI-specific risks now, rather than waiting for a major incident to force the issue. Understanding the agentic interaction layer, recognising the limitations of existing security tools, and evaluating emerging frameworks like AIDR represents preparatory work that can inform both immediate security decisions and longer-term strategic planning.

